Solution: If you get this error ensure below steps:-
1. There is no user profile created for the user the app is acting on behalf of. Ensure that you have created a user profile for the user accessing the remote app.
2. You app certificate was not added to the trusted certificate store.
3. Your .NET web application is accepting anonymous requests. This means there is not a real user identity in the access token. Ensure that the root directory of your remote web app has anonymous access disabled in IIS.
If none of the above worked for you then run below command in "SharePoint 2013 Management Shell":-
$serviceConfig = Get-SPSecurityTokenServiceConfig
$serviceConfig.AllowOAuthOverHttp = $true
$serviceConfig.Update()
The above command will turn off the HTTPS
Tried but still get the 'forbidden' error message. :(
ReplyDelete